From 9b9cd8c24b2fa1e062b756d198c7e656973d6ac2 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 7 May 2024 21:29:18 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERCORE-3063766
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512
---
 requirements.txt | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 6c8d22c..4ab1710 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -13,12 +13,12 @@ ipython==7.16.1
 ipython-genutils==0.2.0
 ipywidgets==7.5.1
 jedi==0.17.2
-Jinja2==2.11.2
+Jinja2==3.1.4
 jsonschema==3.2.0
 jupyter==1.0.0
 jupyter-client==6.1.6
 jupyter-console==6.1.0
-jupyter-core==4.6.3
+jupyter-core==4.11.2
 MarkupSafe==1.1.1
 mistune==0.8.4
 nbconvert==6.5.1
@@ -48,9 +48,10 @@ Send2Trash==1.5.0
 six==1.15.0
 terminado==0.8.3
 testpath==0.4.4
-tornado==6.0.4
+tornado==6.3.3
 traitlets==4.3.3
 wcwidth==0.2.5
 webencodings==0.5.1
 widgetsnbextension==3.5.1
 zipp==3.1.0
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability